[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP and AD?

To: Le Ngoc Thach <lnthach@yahoo.com>
Subject: Re: LDAP and AD?
From: Kervin Pierre <kpierre@fit.edu>
Date: Thu, 28 Mar 2002 08:43:21 -0500
Cc: landru@enic.fr, OpenLdap-Software@OpenLDAP.com
References: <000f01c1d5fe$906cbf60$080101c0@vn.ibsdp.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020310

Le Ngoc Thach wrote:

Hi Jacques Landru,
I have a dream to have all passwords and users in LdapServer.

...

I think you and I had the same dream, how about that? :)

At any rate there are a number of ways to do synchronization already. I am working one more way to do this at http://acctsync.sourceforge.net/ .

I am taking the approach that iPlanet did with they NT directory sync product. It comprises of a NT/2000 password filter that catches user password changes and updates the directory, and ldap server plugins that update NT/2000 when a user is added or a password gets changed.

Although still in Alpha, I have wrote a generic password filter that calls a external script on user password changes. My goal is to use this dll along with a 'passwd.pl' perl script to send this changes to the OpenLDAP server. Someone else has wrote a password filter that does a direct ldap modify on the user's password attribute in the OpenLDAP server. The latter is more efficient, but I believe less flexible. Either way there's a choice.

I have made modifications to the perl backend to have it compile windows. The patch is against CVS and is available from http://prdownloads.sourceforge.net/acctsync/back-perl.win32.current.patch.gz I have tested the patch with activestate perl although, I believe another perl 5.6 distribution would work with minimal effort. I don't know when/if the patch will be incorporated into OpenLDAP CVS.

The final piece of the puzzle is the perl scripts to do the work. I am planning to write these sometime this weekend. I'll also include pre-built binaries if I get the chance as well. If you are interested keep an eye on http://acctsync.sourceforge.net/ .

--Kervin

--
http://linuxquestions.org/ - Ask linux questions, give linux help.
http://splint.org/ - Write safe C code. splint source-code analyzer.

Follow-Ups:
- Re: LDAP and AD?
  - From: "Jacques Landru" <landru@enic.fr>

References:
- LDAP and AD?
  - From: "Le Ngoc Thach" <lnthach@yahoo.com>

Prev by Date: RE: binding to ldap with uid
Next by Date: Re: Migrate from AD
Index(es):
- Chronological
- Thread